Windows Client Guidance against speculative execution vulnerabilities

IronZorg89 said:

That's my whole point. The vulnerabilities from Spectre &Meltdown are known by the bad guys (hackers) out there and I am still not completely covered. Unfortunately, there is nothing either you , me or anyone else can do while waiting for a firmware patch.

lx07 said:

Isn't there? What if you run as a standard user? Would that help or not?

Doesn't the malware required need authority to run or does any user (including limited ones) have access to see what the butler is doing in the wine cellar (to use the feeble analogy apparently used by every single newspaper on the planet).

And add some layer of protection to your system and your habits (closing browser after visiting sites, that are have important data for you - online mail etc). Using safe software (patched browsers are crucial) and prevent malware to install local.

As far as I know, there is no malware in the wild, which explore these vulnerabilities yet. But it's only question of time.

lx07 said:

Isn't there? What if you run as a standard user? Would that help or not?

Doesn't the malware required need authority to run or does any user (including limited ones) have access to see what the butler is doing in the wine cellar (to use the feeble analogy apparently used by every single newspaper on the planet).

Yes, but at some point or another one will need to use the Admin user account for some specific tasks and for a long period of time depending on what is being done.

AndreTen said:

And add some layer of protection to your system and your habits (closing browser after visiting sites, that are have important data for you - online mail etc). Using safe software (patched browsers are crucial) and prevent malware to install local.

As far as I know, there is no malware in the wild, which explore these vulnerabilities yet. But it's only question of time.

That's the way to go for now and it has always been even before the discovery of Spectre & Meltdown vulnerabilities. Just for kicks, you know that Chrome and some chromium-based browsers like Opera & Vivaldi won't get a fix against them before January 23, 2018, which, I admit, is pretty soon. Until that date, all one can do, is to enable an optional feature "Site Isolation" in order to mitigate the exploitation of these vulnerabilities.

IronZorg89 said:

That's the way to go for now and it has always been even before the discovery of Spectre & Meltdown vulnerabilities. Just for kicks, you know that Chrome and some chromium-based browsers like Opera & Vivaldi won't get a fix against them before January 23, 2018, which, I admit, is pretty soon. Until that date, all one can do, is to enable an optional feature "Site Isolation" in order to mitigate the exploitation of these vulnerabilities.

AndreTen said:

Even before the advent of Firefox Quantum, it has always been my favorite browser.

Josey Wales said:

There is code at GitHub that will do it

Do you have a referenced link?. I am just curious.!

Josey Wales said:

There is code at GitHub that will do it

IronZorg89 said:

Do you have a referenced link?. I am just curious.!

if working code is available, be ready for some serious trouble... just question of time and how will bad guys pack it.